CIA and Mossad-linked Surveillance System Quietly Being Installed Throughout the US
Unlimited Hangout 10.03.23
From Israel to the US, new tech empowers government to deem you a criminal before you even know it:
‘Gabriel, since its founding, has been backed by “an impressive group of leaders,” mainly “former leaders of Mossad, Shin Bet [Israel’s domestic intelligence agency], FBI and CIA.” In recent years, even more former leaders of Israeli and American intelligence agencies have found their way onto Gabriel’s advisory board and have promoted the company’s products. While the adoption of its surveillance technology was slower than expected in the United States, that dramatically changed last year, when an “anonymous philanthropist” gave the company $1 million to begin installing its products throughout schools, houses of worship and community centers throughout the country. That same “philanthropist” has promised to recruit others to match his donation, with the ultimate goal of installing Gabriel’s system in “every single synagogue, school and campus community in the country.”… With Gabriel’s technology in mind, the Orwellian possibility of having an entirely automated response to various types of incidents, including those arising from the detection of “abnormal behavior,” that could include the use of deadly force no longer seem as futuristic or far-fetched as they once did. Also important to note is the company’s intended goal of offering predictive policing (i.e., pre-crime) functionalities. They state that: “In the future, we see a security platform [i.e., a future iteration of Gabriel’s products] that can anticipate a mass causality [sic] events based on human behavior, identify mass casualty threats prior to the first action taken, and automate alerting to inform potential victims before any harm is done.” Predictive policing has been a major goal of companies deeply tied to the CIA, as well as Israeli intelligence for a number of years, with the most well-known of these being Palantir.'
Ransomware hunters: the self-taught tech geniuses fighting cybercrime
The Guardian 04.10.22
An article with a feather-light touch on cyber scams, which are plentiful. Am including it here so you could imagine the ramifications should your digital identity (see geotech link) be taken over:
‘The frequency and the impact of ransomware attacks are widely understated because many victims don’t make them public or inform the authorities. But in recent years, hundreds of strains with odd names like Bad Rabbit and LockerGoga have paralysed the computer systems of millions of companies, government offices, nonprofit organisations and individuals. Exploiting society’s near-total dependence on computers, hackers demand thousands, millions, or even tens of millions of dollars to restore operations.’
Spyware is huge threat to global human rights and democracy, expert warns
The Guardian 09.08.22
It’s fundamental to human rights that the above message gets repeated:
‘In June, Canada’s federal police agency admitted it uses powerful spyware technology. The tools, which have been used on at least 10 investigations between 2018 and 2020, give the police access to text messages, email, photos, videos, audio files, calendar entries and financial records. The software can also remotely turn on the camera and microphone of a suspect’s phone or laptop… “Despite the nuclear-level capabilities of such spyware, it is remarkable that there has been zero public debate in Canada prior to the RCMP’s (or other [law enforcement] agencies) use of this type of technology,” he wrote in his notes. Deibert, who will speak at 3pm EST, is expected to make a series of recommendations, including regulatory penalties on firms that are known to facilitate human rights abuses abroad, lifetime bans from working with mercenary spyware firms for former employees of Canadian intelligence and law enforcement agencies, and developing clear procurement guidelines.’
Watchdog warned UK government of spyware infections inside 10 Downing Street
Reuters 18.04.22
The fact that Pegasus is still circulating despite global outrage is a worry:
‘Digital rights watchdog group Citizen Lab said on Monday it had warned British officials that electronic devices connected to government networks, including some inside the prime minister's office and foreign ministry, appeared to be infected with Israeli-made spy software. The spy software is known as Pegasus, a product of Israeli cyberarms dealer NSO Group, according to a blog post published by Citizen Lab. "We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks," the blog post reads. An NSO spokesperson said the allegations are "false and could not be related to NSO products for technological and contractual reasons”.'
iPhone flaw exploited by second Israeli spy firm-sources
Reuters 03.02.22
Israel gaining a lot of traction in the press lately. First, as an apartheid state, and second as a spymaster:
'QuaDream, the sources said, is a smaller and lower profile Israeli firm that also develops smartphone hacking tools intended for government clients. The two rival businesses gained the same ability last year to remotely break into iPhones, according to the five sources, meaning that both firms could compromise Apple phones without an owner needing to open a malicious link. That two firms employed the same sophisticated hacking technique – known as a “zero-click” – shows that phones are more vulnerable to powerful digital spying tools than the industry will admit, one expert said… Unlike NSO, QuaDream has kept a lower profile despite serving some of the same government clients. The company has no website touting its business and employees have been told to keep any reference to their employer off social media, according to a person familiar with the company. QuaDream was founded in 2016 by Ilan Dabelstein, a former Israeli military official, and by two former NSO employees, Guy Geva and Nimrod Reznik, according to Israeli corporate records and two people familiar with the business. Reuters could not reach the three executives for comment. Like NSO's Pegasus spyware, QuaDream's flagship product - called REIGN - could take control of a smartphone, scooping up instant messages from services such as WhatsApp, Telegram, and Signal, as well as emails, photos, texts and contacts, according to two product brochures from 2019 and 2020 which were reviewed by Reuters.’
India bought Israeli Pegasus spyware as part of weapons deal: NYT
Al Jazeera 29.01.22
From one repressive regime to another:
‘The Indian government led by Hindu nationalist Prime Minister Narendra Modi acquired spyware from Israel as part of a weapon purchase deal in 2017, according to a New York Times report. The Indian government denied it bought the Israeli-made spyware, which was allegedly used to infect phones of its opponents, rights activists and journalists in India. The report published on Friday said Pegasus and a missile system were the “centerpieces” of a roughly $2bn deal of sophisticated weapons and intelligence tools back then.’
Salvadoran journalists' phones hacked with spyware, report finds
Reuters 13.01.22
Israel’s spyware tech is very popular for targeting dissenting opposition:
‘NSO, which has long kept its client list confidential, declined to comment on whether El Salvador was a Pegasus customer. The company said in a statement that it sells its products only to "vetted and legitimate" intelligence and law enforcement agencies to fight crime and that it is not involved in surveillance operations. NSO said it has a "zero-tolerance" policy for misuse of its spyware for activities such as monitoring dissidents, activists and journalists and that it has terminated contracts of some customers who have done so… Phone snooping isn't new to El Salvador, according to Citizen Lab. It alleged in a 2020 report that El Salvador was among at least 25 countries using a bulk surveillance technology made by an Israeli company called Circles. The Circles technology differs from Pegasus in that it vacuums up data from the global phone network instead of planting spyware on specific devices. The report claimed the Circles system had been in operation in El Salvador since 2017.’
Apple sues Israeli spyware firm NSO Group
BBC 24.11.21
By suing a government-backed spyware firm, Apple is baring its teeth:
‘In a blog post announcing the California lawsuit, Apple said it wanted to hold NSO Group and its parent company OSY Technologies "accountable for the surveillance and targeting of Apple users”. "To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices," it said… Apple prides itself on its privacy. It's a major selling point for its devices. So it's not totally surprising that a company that has allegedly sought to bypass Apple security features might antagonise the giant. That's not the only reason Apple is making a stand though. Not all hackers are considered equals. NSO Group has government clients, or as Apple puts it, is “state-sponsored". NSO claims it only works with agencies with good human rights records. In that way the company has tried to distinguish itself from underground hackers doing nefarious activities. By suing NSO Group Apple is rejecting that distinction. Apple is making the point that it doesn't matter who you are, if you're a group trying to hack into an Apple product they'll take action - whatever the motives…
Apple will feel it's easier, and more politically palatable, to sue a private company, rather than the governments who are allegedly using the tech… The tech giant said that its servers were not hacked, but that NSO misused and manipulated the servers to deliver the attacks on Apple users. Apple also alleged that NSO Group was directly involved in providing consulting services for the spyware, but NSO maintains that it only sells its tools to clients. Apple said it was forced to engage in a continual arms race with NSO, saying the Israeli firm was "constantly updating their malware and exploits to overcome Apple's own security upgrades”.'
NSO Group: Israeli spyware company added to US trade blacklist
BBC 03.11.21
About time:
'The Israeli company behind the controversial Pegasus spyware has been added to a US trade blacklist… NSO Group said it was "dismayed" by the decision, adding that its technology helped maintain US national security by "preventing terrorism and crime”. It has long maintained that its software is sold only to military, law enforcement and intelligence agencies from countries with good human rights records. But earlier this year, it was accused of having sold its technology to authoritarian governments, which then targeted innocent people. "We look forward to presenting the full information regarding how we have the world's most rigorous compliance and human rights programs that are based on the American values we deeply share, which already resulted in multiple terminations of contacts with government agencies that misused our products," the company said in a statement. However, US officials said that NSO Group and another Israeli firm, Candiru, had acted "contrary to the national security or foreign policy interests of the United States”.'
NSO Pegasus spyware can no longer target UK phone numbers
The Guardian 08.10.21
A lack of transparency from this international spook company means we will never know which countries it attacks:
'The powerful spyware used to hack into mobile phones belonging to Princess Haya and her divorce lawyer Fiona Shackleton is no longer effective against UK numbers, sources familiar with the software’s developer have said. NSO Group, the Israeli maker of the Pegasus surveillance tool, implemented a change preventing client countries from targeting +44 numbers, the sources said, after it became aware of the British hacking scandal on 5 August last year.’
Ex-U.S. intel operatives admit hacking American networks for UAE
Reuters 15.09.21
Cyber spooks for hire are proliferating:
‘Three former U.S. intelligence operatives who worked as cyber spies for the United Arab Emirates admitted to violating U.S. hacking laws and prohibitions on selling sensitive military technology, under a deal to avoid prosecution announced on Tuesday… At the behest of the UAE’s monarchy, the Project Raven team hacked into the accounts of human rights activists, journalists and rival governments, Reuters reported. The three men admitted to hacking into computer networks in the United States and exporting sophisticated cyber intrusions tools without gaining required permission from the U.S. government, according to court papers released in U.S. federal court in Washington, D.C., on Tuesday… The Reuters investigation found that Project Raven spied on numerous human rights activists, some of whom were later tortured by UAE security forces.’
Your Bluetooth headphones could be vulnerable to surveillance
Coda 07.09.21
More flaws found in ubiquitous tech:
'According to new research published by a Norwegian student, some models of Bluetooth headphones can be used to track and identify their owners without their knowledge… Hegnes was able to collect around 1.7 million Bluetooth messages, over 9,000 Bluetooth transmitters and 129 headsets. He discovered that none of the headphones he analyzed during his cycles were implementing a security measure known as media access control (MAC) address randomization, which made it easy for him to pinpoint the exact locations of wearers.’
This Normal-Looking Lightning Cable Actually Steals All of Your Data
Gizmodo 02.09.21
Who needs viruses when you can buy this nifty hardware?:
‘Motherboard recently wrote about just such a tricky little product, sold by cybersecurity company Hak5 and dubbed the “OMG cable” after its inventor, security researcher MG. The cord, which looks almost exactly like an Apple Lightning cable and is sold in a USB-C or USB-A format, is loaded with a hidden chip and gives a user the ability to remotely steal data or deploy malicious software onto MacBooks, iPads, and iPhones. The product, which was previously demoed at the cyber conference DEFCON in 2019, is used as a penetration testing tool, Vice reports. How it works: Once plugged in, the OMG essentially sets up a wifi hotspot, which a remote user can then connect to. From there, an online interface that comes with the product allows the hacker to record and log activity from the target device. The keylogger logs as much as 650,000 keystrokes, according to Hak5. The company describes it as being “built for covert field-use, with features that enhance remote execution, stealth, forensics evasion, all while being able to quickly change your tooling on the fly.”’
Microsoft: Chinese authorities slam 'groundless' hacking claims
BBC 20.07.21
So Russia escapes scrutiny for now as there’s another baddie in town. If only the US and its allies would see Israel’s NSO Group for what it is, then the playing field would be more even:
‘The Chinese embassy in Australia echoed these remarks, describing Washington as "the world champion of malicious cyber attacks". The Microsoft hack affected at least 30,000 organisations globally. The Exchange system powers the email of major corporations, small businesses and public bodies worldwide. Microsoft blamed a Chinese cyber-espionage group for exploiting a vulnerability in Microsoft Exchange - which allowed hackers to remotely access email inboxes.’
Pegasus: the spyware technology that threatens democracy - video
The Guardian 19.07.21
An explainer on how the invasive spyware tech works:
'Pegasus spyware is capable of bypassing your phone's security and gaining complete access to your device - including emails, messages, GPS location, photos, video, and your phone's microphone. A Guardian investigation can now reveal widespread abuse of the Pegasus technology by government clients around the world who purchased the spyware from its Israeli manufacturer — the NSO Group. People who were selected as possible targets include journalists, lawyers and human rights defenders.’
Israeli firm's spyware used to target journalists' cell phones - reports
Reuters 19.07.21
Israel’s notoriety for shady and dodgy spying gains traction:
‘One of the organizations, The Washington Post, said the Pegasus spyware licensed by Israel-based NSO Group also was used to target phones belonging to two women close to Jamal Khashoggi, a Post columnist murdered at a Saudi consulate in Turkey in 2018, before and after his death. The Guardian, another of the media outlets, said the investigation suggested "widespread and continuing abuse" of NSO's hacking software, described as malware that infects smartphones to enable the extraction of messages, photos and emails; record calls; and secretly activate microphones… The numbers on the list were not attributed, but reporters identified more than 1,000 people spanning more than 50 countries, the Post said. They included several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists and more than 600 politicians and government officials - including several heads of state and prime ministers. The Guardian said the numbers of more than 180 journalists were listed in the data, including reporters, editors and executives at the Financial Times, CNN, New York Times, the Economist, Associated Press and Reuters. "We are deeply troubled to learn that two AP journalists, along with journalists from many news organizations, are among those who may have been targeted by Pegasus spyware," said Director of AP Media Relations Lauren Easton.’
FT editor among 180 journalists identified by clients of spyware firm
The Guardian 18.07.21
Big coverage about journalists and activists being hacked by Israeli spyware:
‘The editor of the Financial Times is one of more than 180 editors, investigative reporters and other journalists around the world who were selected as possible candidates for surveillance by government clients of the surveillance firm NSO Group, the Guardian can reveal. Roula Khalaf, who became the first female editor in the newspaper’s history last year, was selected as a potential target throughout 2018. Her number is included in a leaked list of mobile phone numbers selected for possible surveillance by clients of NSO, an Israeli firm that manufactures spyware and sells it to governments. Its principal product, Pegasus, is capable of compromising a phone, extracting all of the data stored on the device and activating its microphone to eavesdrop on conversations.’
Citizen Lab: Spyware by Israel’s Candiru used to target activists
Al Jazeera 15.07.21
Israel is getting an infamous reputation with regards to spyware:
'At least 100 activists, journalists and government dissidents across 10 countries were targeted with spyware produced by an Israeli company called Candiru, according to cybersecurity researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance. Using a pair of vulnerabilities in Microsoft Corp.’s Windows, cyber operatives operating in Saudi Arabia, Israel, Hungary, Indonesia and elsewhere purchased and installed remote spying software made by Candiru, according to the researchers. The tool was used in “precision attacks” against targets’ computers, phones, network infrastructure and internet-connected devices,” said Cristin Goodwin, general manager of Microsoft’s Digital Security Unit.’
Swedish Coop supermarkets shut due to US ransomware cyber-attack
BBC 03.07.21
Digital supply chains are now being attacked as it’s more profitable for hackers:
‘Cyber researchers say about 200 businesses have been hit by this "colossal" ransomware attack, which had mainly affected the US. Cyber-security firm Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software. The firm believes the Russia-linked REvil ransomware gang was responsible. Kaseya said in a statement on its own website that it was investigating a "potential attack”… The case highlights the growing concern in the cyber-security world about so-called supply chain attacks where hackers are able to claim multiple victims by attacking their supplier. The US Cybersecurity and Infrastructure Agency, a federal body, said in a statement that it was taking action to address the attack and urging users of the Kaseya software to shut it down. The UK's National Cyber Security Centre said: "We are aware of a cyber incident involving Kaseya, and we are working to fully understand its impact. "Ransomware is a growing, global cyber threat, and all organisations should take immediate steps to limit risk and follow our advice on how to put in place robust defences to protect their networks.”'
Microsoft says group behind SolarWinds hack now targeting government agencies, NGOs
Reuters 28.05.21
Despite Russia denying any involvement with Microsoft’s SolarWinds attack, the accusations keep coming:
‘Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020, according to Microsoft… The hack of information technology company SolarWinds, which was identified in December, gave access to thousands of companies and government offices that used its products. Microsoft President Brad Smith described the attack as "the largest and most sophisticated attack the world has ever seen". This month, Russia's spy chief denied responsibility for the SolarWinds cyber attack but said he was "flattered" by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack. The United States and Britain have blamed Russia's Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, for the hack which compromised nine U.S. federal agencies and hundreds of private sector companies.'
A Chinese hacking competition may have given Beijing new ways to spy on the Uyghurs
The Conversation 21.05.21
When governments, rather than tech developers, promote competition for hackers, things get a bit murky:
'Hacking competitions are an established way for technology companies like Apple to locate and attend to weaknesses in their software’s cybersecurity. But with state-backed hacks on the rise, the suggestion that the Tianfu Cup is feeding Beijing new ways to perform surveillance is concerning – especially seeing as Chinese competitors have dominated international hacking competitions for years… Until 2017, Chinese hackers walked away with a high proportion of prizes offered at Pwn2Own. But after a Chinese billionaire argued that Chinese hackers should “stay in China” because of the strategic value of their work, Beijing responded by banning Chinese citizens from competing in overseas hacking competitions. China’s Tianfu Cup was set up shortly after, in 2018.’
Cyber attack: When will the Irish health service get a resolution?
BBC 22.05.21
If your services go digital the protection that’s required is massive:
‘But the cyber attack has also highlighted the vulnerability of the Ireland's health service because of its continued use of an outdated Windows system. IT experts have said the attack was an accident waiting to happen because of a failure to invest sufficiently in cyber security. Others suggest that the Health Service Executive (HSE), the official name for the Republic of Ireland's health service, could face up to €1m (£860,700) in fines for inadequate data protection under General Data Protection Regulation (GDPR) rules.’
Russia spy chief suggests West behind SolarWinds cyber-attack (VIDEO)
BBC 18.05.21
Russia’s spy chief denies involvement in the SolarWinds attacks and likens accusations to those of a bad crime novel:
‘… The head of Russia’s Foreign Intelligence Service has denied that his agency was linked to a massive cyber-attack in the US last year.’
DC police suffer ‘massive’ info leak after ransomware attack
Al Jazeera 13.05.21
Cyber attacks are on the rise in the US with the usual fingers pointing to Russia:
‘The police department in the United States capital has suffered a massive leak of internal information after refusing to meet the blackmail demands of a Russian-speaking ransomware syndicate. Experts said it is the worst known ransomware attack ever to hit a US police department. The gang, known as the Babuk group, released thousands of the Washington, DC, Metropolitan Police Department’s sensitive documents on the dark web Thursday… Ransomware attacks have reached epidemic levels as foreign criminal gangs paralyse computer networks at state and local governments, police departments, hospitals and private companies. They demand large payments to decrypt stolen data or to prevent it from being leaked online. A cyberattack last week shut down the Colonial Pipeline, the nation’s largest fuel pipeline, prompting petrol-hoarding and panic-buying in parts of the Southeast.’
Clubhouse data leak: 1.3 million scraped user records leaked online for free
CyberNews 10.04.21
One more tech company gets ‘scraped’:
‘Days after scraped data from more than a billion Facebook and LinkedIn profiles, collectively speaking, was put for sale online, it looks like now it’s Clubhouse’s turn. The upstart platform seems to have experienced the same fate, with an SQL database containing 1.3 million scraped Clubhouse user records leaked for free on a popular hacker forum.’
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
CyberNews 06.04.21
Following a huge Facebook data leak, LinkedIn joins the queue:
'Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn. An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author.’
Google’s top security teams unilaterally shut down a counterterrorism operation
MIT 26.03.21
Is it Russia, China, North Korea? Or Google?
‘Google runs some of the most venerated cybersecurity operations on the planet: its Project Zero team, for example, finds powerful undiscovered security vulnerabilities, while its Threat Analysis Group directly counters hacking backed by governments, including North Korea, China, and Russia. And those two teams caught an unexpectedly big fish recently: an “expert” hacking group exploiting 11 powerful vulnerabilities to compromise devices running iOS, Android, and Windows. But MIT Technology Review has learned that the hackers in question were actually Western government operatives actively conducting a counterterrorism operation. The company’s decision to stop and publicize the attack caused internal division at Google and raised questions inside the intelligence communities of the United States and its allies. A pair of recent Google blog posts detail the collection of zero-day vulnerabilities that it discovered hackers using over the course of nine months. The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors. They caught the attention of cybersecurity experts thanks to their scale, sophistication, and speed. Google’s announcement glaringly omitted key details, however, including who was responsible for the hacking and who was being targeted, as well as important technical information on the malware or the domains used in the operation. At least some of that information would typically be made public in some way, leading one security expert to criticize the report as a “dark hole.”’
Microsoft hack: White House warns of 'active threat' of email attack
BBC 07.03.21
Microsoft is now under attack by the Chinese! Bill Gates did not leave his company well-guarded it seems:
‘Microsoft said hackers had used its mail server to attack their targets. It is reported that tens of thousands of US organisations may be impacted. The US has long accused the Chinese government of cyber-espionage, something Beijing denies. Ms Psaki told reporters that the White House was "concerned that there are a large number of victims" and said the vulnerabilities found in Microsoft's servers "could have far reaching impacts”.'
Ransomware gangs are running riot – paying them off doesn’t help
The Conversation 17.02.21
An evolving business in cybercrime, with brokers handling ransom payments and insurance companies raising their premiums:
‘An EU report published in 2020 found that ransomware attacks increased by 365% in 2019 compared to the previous year. Since then, the situation is likely to have become much worse. The US security company PurpleSec has suggested that overall business losses caused by ransomware attacks might have exceeded US$20 billion (£14.3 billion) in 2020, up from US$11.5 billion (£8.2 billion) in 2019... Insurers, especially in the US, urge their clients to quickly and quietly pay the ransom to minimise the damage of disruption. Then insurers allow the company to claim back the ransom payment on their insurance, and raise their premiums for the following year. This payment is usually handled discreetly by a broker. In essence, the ransomware ecosystem functions like a protection racket, effectively supported by insurers who are set to pocket higher premiums as attacks continue.’
The Great iPwn
Citizen Lab 20.12.20
A very thorough investigation into NSO’s increasingly sophisticated spyware to target journalists worldwide:
'The abuse of NSO Group’s zero-click iMessage attack to target journalists reinforces the need for a global moratorium on the sale and transfer of surveillance technology, as called for by the U.N. Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, “until rigorous human rights safeguards are put in place to regulate such practices and guarantee that governments and non-State actors use the tools in legitimate ways.”’
More on the story from Quartz.
Nuclear weapons agency breached amid massive cyber onslaught
Politico 17.12.20
An update of SolarWinds contained lots of malware, indicating a sophisticated hack into several sensitive US administrations:
‘The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said… "At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration," Hynes said in a statement. "When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”’
More on the countries being affected by this hack, with an update being released by Reuters on the unfolding story. It’s funny that the Democrats are shouting ‘Russia!’ and the Republicans ‘China!’. Partisan boogeymen in action.
Spy companies using Channel Islands to track phones around the world
TBIJ 16.12.20
Spy companies are notably found in Israel, and Jersey and Guernsey are apparently facilitating tracking operations through ‘rent-a-signal’ relay services:
‘The spy companies see phone operators in the Channel Islands as an especially soft route into the UK, according to industry experts, who say the attacks emanating from the islands appear to be targeted at individuals rather than cases of “mass” surveillance… The investigation has found that private intelligence companies are able to rent access from mobile phone operators and this can then be exploited to allow the tracking of the physical location of users across the world. They are also potentially able to intercept calls and other private data, including bank accounts and emails…
Sources told the Guardian and the Bureau that some operators, in effect, have leased access to their networks to surveillance businesses, allowing people’s mobile phones to be tracked around the world… A sample of data, believed to cover only a part of Rayzone’s operations, shows that between August 2019 and April 2020 the company enabled the targeting of more than 60 countries, with thousands of signals being sent into more than 130 different networks… “The revelations of the sheer scale and global dimension of these attacks are a wake-up call,” Markéta Gregorová, the European surveillance rapporteur, said in response to the Bureau’s findings. “The delicate balance between lawful governmental surveillance and the sanctity of fundamental rights has been turned on its head.”’
US cybersecurity firm FireEye hit by 'state-sponsored' attack
BBC 09.12.20
A cybersecurity giant gets hacked and blames the attack on sophisticated measures, meaning a foreign government:
‘In a blog, FireEye CEO Kevin Mandia said company tools used for testing customers' security had been stolen. "The attacker primarily sought information related to certain government customers," he wrote. The blog did not say who might have carried out the attack. The firm and the FBI are investigating the hack. FireEye share price plunged following the company's acknowledgement of the hack.’
The untold story of a cyberattack, a hospital and a dying woman
WIRED 12.11.20
The perils of data moving into outsourced cloud servers will only multiply:
‘What deepens the concern is the growing threat of cyberattacks on hospitals. More than 750 healthcare providers across the United States were targeted by ransomware last year. A string of incidents, worsened during the pandemic, has brought these attacks into sharp focus.’
Undocumented backdoor that covertly takes snapshots found in kids’ smartwatch
Ars Technica 12.10.20
Not sure who to blame here, the developers or the parents:
‘A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said… It turns out that the X4 contains something else: a backdoor that went undiscovered until some impressive digital sleuthing. The backdoor is activated by sending an encrypted text message… The backdoor underscores the kinds of risks posed by the increasing number of everyday devices that run on firmware that can’t be independently inspected without the kinds of heroic measures employed by Mnemonic. While the chances of this particular backdoor being used are low, people who own an X4 would do well to ensure their device installs the patch as soon as practical.’
How worried should we be about deadly cyber-attacks? (VIDEO)
BBC 25.09.20
As the steel worker said, the smarter the technology the more recurrent the attacks will be.
App bans won’t make US security risks disappear
Technology Review 21.09.20
The real issue is who gets to spy on you:
‘As the TikTok and WeChat stories unfold—and no one should expect a permanent resolution anytime soon—policymakers, technologists, and citizens should look beyond this chaotic start to the deeper, unresolved questions. Now is the time to develop comprehensive policy tools that protect privacy and national security from threats foreign and domestic. Similarly, if the Trump administration were truly serious about stopping malign actors from abusing personal data from US-based users, or serious about stopping foreign intelligence agencies from gathering massive datasets describing US society, they would go to the root of the problem: an app economy that collects and monetizes as much data as companies can manage… A well-designed regulatory scheme for data privacy and security would establish rules for collecting, using, and storing user data, and formal mechanisms to provide citizens and national security authorities with the information they need to feel confident that specific apps do not pose a privacy or security risk. It would help ensure that freedom of expression and privacy are honored across our connected lives. And it would lay out a framework for democratic oversight of the moderation and recommendation algorithms that have reshaped the US public sphere. Crucially, any such scheme should be discussed and agreed upon through the standard legislative process.’
The Big Tesla Hack: A hacker gained control over the entire fleet, but fortunately he’s a good guy
Electrek 27.08.20
When electric vehicles are lauded for advances in fighting pollution, remote access is hardly mentioned:
‘While this was a massive breach exposing a big vulnerability in Tesla’s network, it is also a good example of the importance of whitehat hackers and for them to focus more on the automotive industry as cars become increasingly more connected. Instances like this important breach are actually putting Tesla in a much better position in the industry. The automaker’s products are sort of becoming the cool new thing for hackers to hack like the iPhone once was. As long as the good guys, like Jason, are doing it, it will help Tesla stay ahead of the bad guys and avoid the possible nightmarish scenario of self-driving vehicle attacks described by Elon.’
The man who built a spyware empire says it’s time to come out of the shadows
Technology Review 19.08.20
A much-maligned international spying company is trying to right its image with a PR offensive. A typical pass-the-parcel blame tactic:
‘For nine full years, Hulio never talked publicly about his billion-dollar hacking company—even when his hacking tools were linked to scandal or he was accused of being complicit in human rights abuses around the world. Lately, though, he’s speaking up. “People don’t understand how intelligence works,” Hulio tells me over a video call from Tel Aviv. “It’s not easy. It’s not pleasant. Intelligence is a shitty business full of ethical dilemmas.” The business he leads, NSO Group, is the world’s most notorious spyware company. It’s at the center of a booming international industry in which high-tech firms find software vulnerabilities, develop exploits, and sell malware to governments. The Israeli-headquartered company has been linked to high-profile incidents including the murder of Jamal Khashoggi and spying against politicians in Spain…
It was never an easy job to understand the full scope of the hacker-for-hire industry. Now the techniques and indicators investigators have long relied on as clues are becoming rarer, quieter, and more difficult to spot. The stealthy new arsenal makes it extraordinarily difficult to hold hacking companies and intelligence agencies accountable when human rights abuses occur. Perhaps surprisingly, Hulio agrees emphatically that the hacking industry is going dark. When I ask him if the industry is taking enough steps toward transparency and accountability, he shakes his head and points a finger at his competitors: “Actually, I think it’s the other way around. The industry is going away from regulation. I see companies trying to hide activity and hide what they’re doing. It’s damaging the industry.”… We’ve gone full circle, arriving back in a thick tangle of secrecy. Money is flowing, abuses keep happening, and the hacking tools are proliferating: no one disputes that. But who is accountable when brutal authoritarians get their hands on cutting-edge spyware to use against opponents? An already shadowy world is getting darker, and answers are becoming harder to come by.’
'Payment sent' - travel giant CWT pays $4.5 million ransom to cyber criminals
REUTERS 31.07.20
The more businesses are digitised, the greater and more frequent such attacks will be:
'U.S. travel management firm CWT paid $4.5 million (3.4 million pounds) this week to hackers who stole reams of sensitive corporate files and said they had knocked 30,000 computers offline, according to a record of the ransom negotiations seen by Reuters… In a ransom note left on infected CWT computers and screenshots posted online, the hackers claimed to have stolen two terabytes of files, including financial reports, security documents and employees’ personal data such as email addresses and salary information… Such attacks are thought to cost billions of dollars each year, either in extorted payments or recovery costs. Cybersecurity experts say the best defence is to keep secure data back-ups, and that paying ransoms encourages further criminal attacks without any guarantee that the encrypted files will be restored.’
The Twitter bitcoin hack was bad but it should have been way worse
WIRED 17.07.20
A wake-up call for hijacking social media?
‘In 2011 it settled with the US Federal Trade Commission for “serious lapses in the company’s data security [that] allowed hackers to obtain unauthorised administrative control of Twitter, including both access to non-public user information and tweets that consumers had designated as private, and the ability to send out phony tweets from any account” – eerily similar issues to the problem now. It's highly likely that Twitter may face repercussions from regulators over the most recent incident too. “We all got a taste of a coordinated digital attack,” says cybersecurity researcher Andrea Stroppa. Twitter struggled to quickly lock this down – though that isn’t surprising, says Hyppönen. “When you are in a network and have multiple administrators working on that at the same time, and one of them is the attacker, they all have the same rights,” he says. “You have multiple gods with the same access rights fighting with each other, and you can’t just find the attacker right away and kick them out.”’
Phone of top Catalan politician 'targeted by government-grade spyware’
The Guardian 13.07.20
Using Israel’s Pegasus software, governments are spying on their opposition leaders:
‘A joint investigation by the Guardian and El País has revealed that the speaker of the Catalan regional parliament, Roger Torrent and at least two other pro-independence supporters were told they were targeted last year in what experts said was a “possible case of domestic political espionage” in Europe... Spain’s National Intelligence Centre (CNI) said in a statement that it acts “in full accordance with the legal system, and with absolute respect for the applicable laws” and that its work is overseen by Spain’s supreme court. It did not respond to specific questions about the alleged use of NSO Group spyware.’
LinkedIn sued over allegation it secretly reads Apple users' clipboard content
REUTERS 11.07.20
It seems it’s not just TikTok using backdoor standards:
'According to media reports from last week, 53 apps including TikTok and LinkedIn were reported to be reading users’ Universal Clipboard content, after Apple’s latest privacy feature started alerting users whenever the clipboard was accessed with a banner saying “pasted from Messages.” “These “reads” are interpreted by Apple’s Universal Clipboard as a “paste” command,” Bauer’s lawsuit alleged… According to the complaint, LinkedIn has not only been spying on its users, it has been spying on their nearby computers and other devices, and it has been circumventing Apple’s Universal Clipboard timeout.’
Israeli spyware used to target Moroccan journalist, Amnesty claims
The Guardian 21.06.20
It seems silly for a spyware firm to be discussing human rights abuses. It sells spyware!:
‘As NSO Group faced mounting criticism last year that its hacking software was being used illegally against journalists, dissidents and campaigners around the world, the Israeli spyware company unveiled a new policy that it said showed its commitment to human rights.
NSO said in a statement that it was “deeply troubled” by a letter it received from Amnesty that contained the allegations. “We are reviewing the information therein and will initiate an investigation if warranted,” the company said. “Consistent with our human rights policy, NSO Group take seriously our responsibility to respect human rights. We are strongly committed to avoiding causing, contributing to, or being directly linked to human rights impacts.”
In both cases, the injections occurred while the targets – Radi and Monjib – were using an LTE/4G connection. One way spyware companies can execute such infections involves the use of what Amnesty called a “rogue” cell tower: a portable device that imitates legitimate cellular towers and, when placed in close physical proximity to a target, enables attackers to manipulate intercepted mobile traffic.’
Exclusive: Massive spying on users of Google's Chrome shows new security weakness
REUTERS 18.06.20
Google Chrome is a spy enabler with all info siphoned off:
‘A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions… Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake co-founder and chief scientist Gary Golomb…
“Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security… All of the domains in question, more than 15,000 linked to each other in total, were purchased from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication Ltd. Awake said Galcomm should have known what was happening. In an email exchange, Galcomm owner Moshe Fogel told Reuters that his company had done nothing wrong. “Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Fogel wrote. “You can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can.”… Malicious developers have been using Google’s Chrome Store as a conduit for a long time. After one in 10 submissions was deemed malicious, Google said in 2018 it would improve security, in part by increasing human review. But in February, independent researcher Jamila Kaya and Cisco Systems’ Duo Security uncovered a similar Chrome campaign that stole data from about 1.7 million users. Google joined the investigation and found 500 fraudulent extensions.’
China’s quantum satellite enables first totally secure long-range messages
The Conversation 16.06.20
How funny that the article mentions the paranoia engendered by Snowden’s revelations as a driving force to ‘entangle’ communication:
‘The satellite serves as the source of pairs of entangled photons, twinned light particles whose properties remain intertwined no matter how far apart they are. If you manipulate one of the photons, the other will be similarly affected at the very same moment… Micius has previously produced entangled photons and delivered them to two ground stations (observatories) 1,200km apart via special telescopes. Scientists showed the photons reach Earth as entangled as they were in orbit. Then, in 2017, Micius was used to distribute quantum cryptographic keys to ground stations near Vienna and Beijing, enabling a secure virtual meeting between the Austrian and Chinese science academies – 7,400km apart. None of the communication went through Micius. It only produced and distributed the encryption keys. But both ground stations had to talk to and trust Micius as part of their communication systems and use it as a relay before establishing a link with each other.’
Exclusive: Obscure Indian cyber firm spied on politicians, investors worldwide
REUTERS 09.06.20
Cyberhackers for rent. A new ubiquitous service:
‘New Delhi-based BellTroX InfoTech Services targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence…
Researchers at internet watchdog group Citizen Lab, who spent more than two years mapping out the infrastructure used by the hackers, released a report on Tuesday saying they had "high confidence" that BellTroX employees were behind the espionage campaign. “This is one of the largest spy-for-hire operations ever exposed,” said Citizen Lab researcher John Scott-Railton. Although they receive a fraction of the attention devoted to state-sponsored espionage groups or headline-grabbing heists, “cyber mercenary” services are widely used, he said. “Our investigation found that no sector is immune.”'
13th Signal Regiment: British military launches first dedicated cyber unit
The Independent 05.06.20
UK military’s engagement in countering cyber attacks:
‘Defence Secretary Ben Wallace said of the new regiment: “This is a step-change in the modernisation of the UK Armed Forces for information warfare. Cyber-attacks are every bit as deadly as those faced on the physical battlefield, so we must prepare to defend ourselves from all those who would do us harm and 13th Signal Regiment is a vital addition to that defence.” Chief of the General Staff, General Sir Mark Carleton-Smith added “13th Signal Regiment is the British Army’s brand new cyber regiment — matching cutting edge technology with cyber-fit soldiers to compete and win in the Information Age”.’
Coronavirus: Serco apologises for sharing contact tracers' email addresses
BBC 20.05.20
Scandal-ridden company, Serco, should not have a seat at the table:
‘Outsourcing firm Serco has apologised after accidentally sharing the email addresses of almost 300 contact tracers. The company is training staff to trace cases of Covid-19 for the UK government.’
Company behind UK’s Covid-19 tracing app leaks 296 emails, killing trust in both the government & the scandal-riddled contractor
RT 20.05.20
Serco’s past is shady:
‘The company was fined £19.2 million last summer for fraud and false accounting over the Ministry of Justice's electronic tagging service for released prisoners – plus the £70 million they paid in compensation. Two of their former executives were also criminally charged over the affair. The Panama Papers leak unearthed more dirt on Serco’s track record of incompetence. Offshore law firm Appleby wanted nothing to do with them because “it has a history of problems, failures, fatal errors and overcharging.” Serco reached out to Appleby to establish a holding company in Mauritius to buy 49 percent of a firm in Abu Dhabi. The lawyers were suspicious of the motivations and reckoned it was to escape tax, so walked away. To back up their decision, they referenced allegations against Serco which included breaching responsibilities of the handling of nuclear waste, manipulating results to show it met NHS targets, covering up sexual abuse of immigrants, plus horrendous reports from prisons it ran in New Zealand and Australia… Public life relies on the impression of things being done fairly and in the absence of bias. Serco getting the contract to track and trace citizens screams of anything but – and then it botches basic privacy protection. Britain is lurching from one scandal to another – and yet again, the ordinary person has to take it square on the chin. It's the next stage of a nightmare that doesn't seem to ever end.’
Estonian MPs pass ‘Huawei law’ for telecom security reviews
RT 12.05.20
Cybersecurity nightmares are about to explode if 5G/6G is implemented:
‘Estonia’s parliament approved on Tuesday a new Electronics Communications Act to ensure security reviews for telecom gear needed in the development of future networks. The act, dubbed by lawmakers the ‘Huawei law’ in reference to the Chinese telecommunications company, leaves detailed implementation to the government and includes intelligence services among the reviewing authorities.’
The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet
WIRED 12.05.20
An amazingly entertaining story of cybersecurity malware actors.
White House could pull US military and intelligence operations out of UK as part of Huawei review, reports say
The Independent 05.05.20
The US wants war with China and is putting pressure on allies to snub the country:
‘In giving Huawei approval to help build Britain’s 5G network, Boris Johnson insisted that the Chinese government would be barred from core parts of the network, such as areas near military facilities and nuclear sites. It also had its share of development on non-sensitive parts of the network capped at 35 per cent. That position has been rejected by the US, which maintains having Huawei build any part of the wireless network would effectively give the Chinese communist government access to the full network.’
WhatsApp: Israeli firm 'deeply involved' in hacking our users
The Guardian 29.04.20
Well, we’ve known this for a while. Will anything be done though?
‘The new claims about NSO Group allege that the Israeli company bears responsibility in serious human rights violations, including the hacking of more than a dozen Indian journalists and Rwandan dissidents…
The new developments in the case come as NSO is facing separate questions about the accuracy of a tracking product it has launched following the outbreak of Covid-19. The new programme, called Fleming, uses mobile phone data and public health information to identify who individuals infected with coronavirus may have come into contact with.’
What if Covid-19 isn't our biggest threat?
The Guardian 26.04.20
In an interconnected world, there’s more than a biological pandemic that would scupper societal balance:
‘Martin Rees, the cosmologist and former president of the Royal Society, co-founded the Centre for the Study of Existential Risk in Cambridge. He has long been involved in raising awareness of looming disasters and he echoes Ord’s concern. “I’m worried,” he says, “simply because our world is so interconnected, that the magnitude of the worst potential catastrophes has grown unprecedentedly large, and too many have been in denial about them. We ignore the wise maxim ‘the unfamiliar is not the same as the improbable’.” Letwin warns of an overdependence on the internet and satellite systems, allied with limited stocks of goods and long supply chains. These are ideal conditions for sabotage and global breakdown. As he writes, ominously: “The time has come to recognise that more and more parts of our lives – of society itself – depend on fewer and fewer, more integrated networks.”’
'Zoombombing' targeted with new version of app
BBC 23.04.20
The company’s woes continue:
‘The platform is now being used by hundreds of millions of people for work and leisure, as lockdowns are imposed around the world. "We will earn our customers’ trust and deliver them happiness with our unwavering focus on providing the most secure platform,” Zoom's chief executive Eric Yuan said in a statement. Zoom has been criticised for a range of privacy issues, including sending user data to Facebook, wrongly claiming the app had end-to-end encryption, and allowing meeting hosts to track attendees.’
Flaw in iPhone, iPads may have allowed hackers to steal data for years
REUTERS 22.04.20
Apple is lagging behind and may lose its privacy-strong reputation:
‘Apple Inc is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers. The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps’ chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins. An Apple spokesman acknowledged that a vulnerability exists in Apple’s software for email on iPhones and iPads, known as the Mail app, and that the company had developed a fix, which will be rolled out in a forthcoming update on millions of devices it has sold globally.’
MPs summon China-owned firm execs over security concerns
BBC 14.04.20
In a world increasingly geared towards tech, some are waking up to the threat posed by it. About time too:
‘A leading UK-based firm will be summoned on Tuesday by MPs to answer questions over security concerns. There are concerns that the Chinese owner of Imagination Technologies has renewed efforts to transfer ownership of sensitive security software to companies controlled by China. Lawmakers worry the coronavirus crisis is diverting attention from controversial technology transfers. The fear is that networks in the UK, Europe and the US could be compromised.’
NSO Group points finger at state clients in WhatsApp spying case
The Guardian 07.04.20
NSO spying firm does not hold itself responsible for global governments’ spying:
‘WhatsApp, the popular messaging app, filed a lawsuit against NSO Group in October, alleging that the cyberweapons company was behind a series of highly sophisticated attacks that it claimed violated US law in an “unmistakeable pattern of abuse”…
NSO Group also argued that WhatsApp had “conflated” NSO Group’s actions with the actions of NSO’s “sovereign customers”. While NSO Group licenses its signature spying technology, Pegasus, to government law enforcement and intelligence agencies and assists with “training, setup, and installation”, it said it did not operate the technology.
“Government customers do that, making all decisions about how to use the technology,” NSO said in its legal filing. “If anyone installed Pegasus on any alleged “target devices” it was not [the] defendants [NSO Group]. It would have been an agency of a sovereign government.”’
Coronavirus: Israeli spyware firm pitches to be Covid-19 saviour
BBC 03.04.20
A much-maligned company from a repressive regime would like to track people from all nations:
‘A controversial Israeli cyber-security company is marketing software that uses mobile phone data to monitor and predict the spread of the coronavirus. NSO Group says it is in talks with governments around the world, and claims some are already testing it… NSO said a number of governments around the world were piloting the system, but would not reveal their identity or whether any of them had started using it in the field.’
Zoom boss apologises for security issues and promises fixes
BBC 03.04.20
Zoom tries to explain itself:
‘Zoom is to pause the development of any new features to concentrate on safety and privacy issues, in the wake of criticism from users of the app. In a blog, the chief executive of the video conferencing app apologised for "falling short" on security issues and promised to address concerns…
Zoom has been criticised for a range of privacy issues, including sending user data to Facebook, wrongly claiming the app had end-to-end encryption, and allowing meeting hosts to track attendees. Ex-NSA (National Security Agency) hacker Patrick Wardle identified a series of issues, including a flaw which left Mac users vulnerable to having webcams and microphones hijacked…
Mr Cluley said anyone using it for sensitive conversations needed to be careful. "Fixing these problems will take time. And those particularly high-risk users of Zoom, having highly sensitive discussions on the service, who might potentially be the target of state-sponsored attacks (for instance the UK cabinet), might be wise to find alternative, more secure methods of communication in the meantime.”'
Hackers target WHO as coronavirus cyberattacks increase
Al Jazeera 24.03.20
Ever-ready hackers hard at work:
‘The attempted break-in at the WHO was first flagged to Reuters by Alexander Urbelis, a cybersecurity expert and lawyer with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity. Urbelis said he picked up on the activity around March 13, when a group of hackers he had been following activated a malicious site mimicking the WHO's internal email system. "I realised quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic," he said…
Officials and cybersecurity experts have warned that hackers of all stripes are seeking to capitalise on international concern over the spread of the coronavirus. Urbelis said he has tracked thousands of coronavirus-themed web sites being set up daily, many of them malicious. "It's still around 2,000 a day," he said. "I have never seen anything like this.”'
Coronavirus 'fearware' sees hackers exploit Covid-19 panic to target victims
The Independent 14.03.20
The virus is a great opportunity for hackers relying on fear-porn:
‘A campaign, uncovered by threat intelligence firm DomainTools, involves a website that lures people into downloading a coronavirus-tracking app. The Android application is infected with ransomware that hijacks a victim’s device and demands a $100 bitcoin payment within 48 hours in order for it to be released. A note accompanying the ransomware states: “Your GPS is watched and your location is known. If you try anything stupid your phone will be automatically erased.”’
Whisper: Secret-sharing app exposes fetishes and other intimate details of nearly one billion people
The Guardian 12.03.20
An app designed to keep secrets spills all:
‘Whisper's core focus is to allow users to anonymously share secrets and has around 30 million monthly active users. Since it was launched in 2012, people have used it to post confessions and discuss private matters like sexuality, unwanted pregnancies and domestic abuse. The database contained compromising user details that could potentially be used to identify the person behind a post, including their nickname, location, age, gender, ethnicity and sexual orientation…
It is not the first time the app has been caught up in a privacy scandal. A 2014 report by The Guardian claimed that Whisper was tracking the location of users, regardless of whether or not they opted out of sharing their location data.’
Questions over Israel's role in WhatsApp case against spyware firm
The Guardian 10.02.20
Court proceedings from Facebook’s WhatsApp against Israel’s NSO (Pegasus spyware) are being delayed due to some clerical obfuscation:
‘WhatsApp filed its lawsuit in October, alleging that NSO Group had hacked 1,400 of its users, including journalists, senior diplomats, government officials and human rights activists…
In one exchange filed to the court in California, a lawyer representing WhatsApp wrote an exasperated email to an Israeli court official in which he said he had already submitted information in his Hague Convention application that the Israeli official claimed was missing.
“I am thoroughly confused, and must question whether we are discussing the same requests,” wrote Aaron Lukken, who is representing WhatsApp. He added that in seven years of submitting similar requests to other authorities, he had never been asked similar questions.’
CIA has been hacking China for 11 YEARS, says Chinese cybersecurity firm citing Vault 7 leak
RT 03.03.20
Accusations fly back and forth:
‘The attacks were traced as far back as September 2008, with the greatest concentration of targets in Beijing, Guangdong and Zhejiang provinces, the company said. Among the targeted sectors were civil aviation, scientific research institutions, oil and petroleum industries, internet companies and Chinese government.
The cybersecurity firm came to a conclusion that the attack was initiated by a “state-level hacking organization” because the hackers had used “CIA-exclusive cyber weapons” such as Fluxwire and Grasshopper – long before they were publicly revealed to have been developed by US spies, when WikiLeaks published the so-called “Vault7” cache of documents in March 2017.’
Smart camera startup Wyze sued following data breach that exposed customer information
GeekWire 27.02.20
Hackable IoT devices are the norm:
‘A Wyze Labs customer is suing the Seattle smart security camera maker following a data breach last year that exposed personal information of approximately 2.4 million users.
The lawsuit alleges that Wyze was negligent and failed to abide by U.S. Federal Trade Commission regulations for managing customer information. The plaintiff, Matthew Schoolfield of Texas, is seeking class-action status in the lawsuit.
“Not only does the exposed data make Wyze customers more susceptible to identity theft and financial fraud in the future, it is now possible for any individual anywhere in the world to access the live video feeds of every single Wyze camera that was online,” the suit alleges.’
Hackers Could Shut Down Satellites—or Turn Them into Weapons
Scientific American 22.02.20
‘If hackers were to take control of these satellites, the consequences could be dire. On the mundane end of scale, hackers could simply shut satellites down, denying access to their services. Hackers could also jam or spoof the signals from satellites, creating havoc for critical infrastructure. This includes electric grids, water networks and transportation systems…. Although the U.S. Department of Defense and National Security Agency have made some efforts to address space cybersecurity, the pace has been slow. There are currently no cybersecurity standards for satellites and no governing body to regulate and ensure their cybersecurity. Even if common standards could be developed, there are no mechanisms in place to enforce them. This means responsibility for satellite cybersecurity falls to the individual companies that build and operate them.’
MGM hack exposes personal data of 10.6 million guests
BBC 20.02.20
‘The data exposed included names, address, and passport numbers for former guests… MGM said its notification to customers followed state laws. Most US states do not require companies to tell customers if data which is already public has been exposed during a hack…
This is not the largest hacking of hotel guest information. In 2017, Marriott Hotels experienced a much larger data breach exposing 500 million guests. That attack was linked to Chinese state-sponsored hackers.’
Hackers can trick a Tesla into accelerating by 50 miles per hour
Technology Review 19.02.20
So easy to hack machine-learning systems:
‘The researchers stuck a tiny and nearly imperceptible sticker on a speed limit sign. The camera read the sign as 85 instead of 35, and in testing, both the 2016 Tesla Model X and that year’s Model S sped up 50 miles per hour….
Last year, hackers tricked a Tesla into veering into the wrong lane in traffic by placing stickers on the road in an adversarial attack meant to manipulate the car’s machine-learning algorithms.’
Meet the Guy Selling Wireless Tech to Steal Luxury Cars in Seconds
VICE 11.02.20
New gadgets make mincemeat of wireless-enabled objects:
‘Longtime security researcher and hardware hacker Samy Kamkar reviewed Evan's video and explained the apparent attack in an email. It starts with the car owner locking their vehicle and walking away with the key. One of the people trying to hijack the vehicle then walks up to it, holding one of the devices that listens for the particular low frequency the vehicle sends out to check if the key is nearby, and the device then retransmits it "at a higher frequency, such as 2.4Ghz or anything else that will easily travel much longer distances," Kamkar wrote. The second device, held by the second hacker, takes that high frequency signal and replays it again at the original low frequency. The keyfob sees this low frequency, and goes through the normal challenge response it would as if it was physically next to the car.
"This happens back and forth a few times for the entire challenge/response between the key and the car, and the two devices are just relaying that communication over a longer distance," Kamkar wrote.’
The Global Risks Report 2020 from World Economic Forum
15.01.20
‘Cyberattacks on critical infrastructure—rated the fifth top risk in 2020 by our expert network—have become the new normal across sectors such as energy, healthcare, and transportation. Such attacks have even affected entire cities. Public and private sectors alike are at risk of being held hostage. Organized cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05% in the United States. Cybercrime-as-a-service is also a growing business model, as the increasing sophistication of tools on the Darknet makes malicious services more affordable and easily accessible for anyone.
…Digital technologies increasingly feature in asymmetric warfare, enabling attacks by smaller countries and non-state actors on larger states. Viruses developed as cyberweapons have been re-purposed by adversaries after being released into cyberspace. Cyberspace has become an extension of the military domain, triggering new technological arms races.’
The UK Announces Regulations to Beef Up IoT Security—The U.S. Should Follow Suit
Gizmodo 29.01.10
The UK announces new requirements to sell IoT devices:
‘Today, the UK has announced new legislation aimed at protecting consumers who buy connected devices from hacking and other types of security risks. The law would require makers of Internet of Things devices to adhere to three security requirements, which frankly should be no-brainers but somehow aren’t. The three requirements are:
IoT manufacturers would have to ensure that all device passwords are unique and cannot be reset to a generic, universal factory setting.
Companies would have to publicly provide a point of contact so that anyone—be they a developer or just a regular customer—can report bugs. The law also notes that any reported vulnerability will have to be “acted on in a timely manner.”
Companies will have to explicitly state a minimum length of time that devices will receive security updates when the device is sold, regardless of whether it’s bought online or in an actual store.’
Japan to form space defence unit to counter threats against satellites
Independent 20.01.20
Japan wants to deploy a space force to counter cybersecurity threats from foreign satellites:
‘The Space Domain Mission Unit will start in April as part of Japan's Air Self-Defence Force, Mr Abe said in a policy speech marking the start of the year's parliamentary session. He said Japan must also defend itself from threats in cyberspace and from electromagnetic interference against Japanese satellites. Concerns are growing that China and Russia are seeking ways to interfere, disable or destroy satellites.’
An unsecured database exposed thousands of British passports
WIRED 14.01.20
UK passport details left on Amazon unsecured server for years:
‘Sensitive details including passports of thousands of Brits have been lazily left unsecured in Amazon's cloud for years – but it's unclear who's to blame.’
You need to start making home cybersecurity a big priority
WIRED 07.01.20
Securing home devices is up to us:
‘In 2020, we will shift from being mere consumers of data and digital services, to managers of our little digital personal republics. These are filled with devices that need rebooting, operating systems that require updating, and passwords that need to be managed. If you think this doesn’t yet apply to you, look around. According to the Gartner analysts, the number of connected devices across all technologies will reach 20.6 billion by 2020. Earth will be home to twice as many digital devices as human beings – and that trend is only going to continue. This isn’t just happening in faraway data centers and up in the cloud – but in our homes.’
Travelex customer: My money is in limbo
Travelex hit by cyber attack:
‘A ransomware gang called Sodinokibi carried out the attack. The gang, also known as REvil, claims it first gained access to the company's computer network six months ago and has since downloaded 5 gigabytes of sensitive customer data.’
We Tested Ring’s Security. It’s Awful
BBC 08.01.20
Ring’s spectacular fail:
‘Once a hacker has broken into the account, they can watch not only live streams of the camera, but can also silently watch archived video of people—and families—going about their days. Or a hacker can digitally reach into those homes, and speak directly to the bewildered, scared, or confused inhabitants. That level of sensitivity should arguably encourage more robust security practices than an ordinary account.’
Cops see an encryption problem. Spyware makers see an opportunity
Technology Review 10.12.19
Israeli spyware used to breach encrypted data:
“Kenan was selling the company’s newest product, a data interception and manipulation tool known as P6-FI5. The device works on GSM, 3G, and 4G cellular interception—meaning it can intercept and control both phone calls and data—and can be miniaturized to be carried inside backpacks or vehicles.”
FBI TELLS PEOPLE TO PUT BLACK TAPE OVER SMART TV CAMERAS TO PROTECT AGAINST HACKERS
Independent 02.12.19
Smart TVs hacking possibilities:
“A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router.”
‘Israeli WhatsApp-hacking spy van’ scandal triggers privacy breach probe in Cyprus
RT 29.11.19
Israeli firm makes mincemeat of smartphone encryption:
‘Cypriot police are deepening their probe into a high-tech ‘spy van’ spotted on the island, owned by an Israeli surveillance firm and capable of hacking into any smartphone from a kilometer away… President Nicos Anastasiades said he would “never tolerate” breaches of any citizen’s privacy after a meeting last week on the matter with the country’s justice minister, chief of police and the head of the hard-left AKEL party, which first raised concerns about the vehicle’.
1.2 BILLION people’s data – including social media profiles and contact info – found on unsecured Google Cloud server
RT 22.11.19
Data on 1.2 billion people found on an unsecured Google Cloud server:
‘A massive four-terabyte trove of sensitive personal data belonging to over a billion profiles has been found on an unsecured Google Cloud server - its owner still a mystery - in one of the largest single-source data leaks ever.’
5G has security flaws that could let hackers track your location
NYT 04.11.19
Lasers can hack voice-assistants:
“Researchers in Japan and at the University of Michigan said Monday that they had found a way to take over Google Home, Amazon’s Alexa or Apple’s Siri devices from hundreds of feet away by shining laser pointers, and even flashlights, at the devices’ microphones.”
IoT puts business in hackers' crosshairs
Financial Review 23.10.19
Australians tackle IoT security concerns - with no solution:
‘“Australian businesses need to first be aware of and find out which devices are connected to the internet, and find out which devices, if any, have any kind of built-in security,” says Professor Slay. Foolproof solutions are yet to emerge, she says. “As yet there is no consensus on how to secure IoT devices, and no comprehensive solutions have appeared to date,” Professor Slay says. “Looking to the future, we see large-scale acceleration of the use of IoT sensors, more excitement about their use, some development of security standards, but no obvious engagement with potential disruption. “The US Government has taken a legislative approach in some jurisdictions, but the growth in the market would make any proposed Australian legislation hard to police.”’
The 'Smart Kitchen' Is Very Stupid
WIRED 22.09.19
The smart kitchen is stupid and a big waste of time:
‘The most frustrating part of the "connected kitchen" has to do with the apps themselves. Appliances look sleek with no buttons and knobs, but those are very effective ways to turn things on and off and adjust settings. If you have to control your cooking device with an app, you pay for the perceived convenience with your time. For example, if you want to use an app to adjust the temperature of an appliance, you have to (1) grab your phone, (2) face/thumb/passcode your way in, (3) ignore the text messages and push notifications and (4) ignore the news, (5) remember why you pulled out your phone, (6) swipe to (6.5) open the app, (7) swipe to adjust the temperature, and (8) try not to wonder what will happen to your buttonless product if the Kickstarter-backed company that makes it goes under and stops updating the app. The old-fashioned way? Twist the knob on the appliance itself and get on with your dinner.’
HACKER TAKES OVER COUPLE'S SMART HOME, PLAYS VULGAR MUSIC AND RAISES TEMPERATURE TO 90 DEGREES
Newsweek 23.09.19
So easy to hack Google homes:
‘In a statement in February, Google maintained that those incidents didn't stem from a system breach but rather customers "using compromised passwords ... exposed through breaches on other websites.” While there are 14.2 billion smart-home devices in use this year—and 25 billion expected to be in use by 2021—there is no one organization responsible for monitoring or regulating security measures for the numerous devices.’
The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks
ProPublica 27.08.19
‘Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. This month, attackers seeking millions of dollars encrypted the files of 22 Texas municipalities. Overlooked in the ransomware spree is the role of an industry that is both fueling and benefiting from it: insurance.’
Cybersecurity of NATO’s Space-based Strategic Assets
Chatham House July 2019
Chatham House issues a word of caution:
‘Although emerging technologies such as artificial intelligence (AI) and the Internet of Things (IoT) could be force multipliers for space capabilities, increased prevalence of cyber means may also challenge the integrity of data carried through these technologies… the increasing vulnerability of space-based assets, ground stations, associated command and control systems, and the personnel who manage the systems, has not yet received the attention it deserves’.
Inside the West’s failed fight against China’s ‘Cloud Hopper’ hackers
REUTERS 26.06.19
New strains of malware attacks keep evolving, adjusting to firewalls’ protections and cutting through them like butter. From China, Reuters reports that:
‘Eight of the world's biggest technology service providers were hacked by Chinese cyber spies in an elaborate and years-long invasion. The invasion exploited weaknesses in those companies, their customers, and the Western system of technological defense’.